By NHI Mgmt Group Editorial Team
Published 2026-03-17
Domain: Best Practices
Source: SSH Communications Security

TL;DR: As governments, regulators, and analysts push post-quantum cryptography timelines toward 2030, organisations are being forced to redesign encryption across existing networks rather than waiting for cryptographically relevant quantum computers to arrive, according to SSH Communications Security. The strategic issue is crypto-agility, because migration paths that preserve compatibility while reducing future decryption risk will determine how quickly security teams can move.


At a glance

What this is: Quantum-safe encryption is moving from future planning to present-day network architecture, with hybrid cryptography and layered encryption positioned as the practical bridge to post-quantum cryptography.

Why it matters: For IAM practitioners, this affects how trusted channels, device communications, and protected data flows are secured across NHI, autonomous, and human identity programmes as encryption assumptions change.

👉 Read SSH Communications Security's analysis of quantum-safe encryption and PQC migration


Context

Quantum-safe encryption is the shift from classical cryptography toward post-quantum cryptography, or PQC, so that encrypted data remains protected even after cryptographically relevant quantum computers become practical. For identity and access teams, the issue is not only algorithm choice but also how encryption sits underneath authentication, session protection, and network segmentation.

The article frames this as an architectural transition, not a clean replacement. That matters because enterprises still have to support existing systems while preparing for longer confidentiality windows, especially where machine identities, service traffic, and privileged connections rely on encrypted transport across distributed infrastructure.


Key questions

Q: How should organisations start migrating to post-quantum cryptography without replacing everything at once?

A: Start with the links that carry long-lived sensitive data and high-value administrative traffic, then use hybrid cryptography where classical and post-quantum methods can coexist. This lets teams reduce their quantum-related exposure while preserving compatibility. The key is to treat PQC as a staged architecture change, not a single cutover event.

Q: Why do quantum-safe encryption projects matter to IAM and NHI teams?

A: Because identity assurance depends on the confidentiality and integrity of the sessions that carry authentication, delegation, and service-to-service trust. If the transport layer weakens, identity controls become easier to observe, replay, or subvert. PQC is therefore part of the identity trust stack, not just a network security upgrade.

Q: What breaks if organisations delay crypto-agility until quantum computing is mature?

A: Fixed cryptographic dependencies become a governance problem because systems, devices, and applications will still need to support multiple algorithms during migration. Delaying agility means more brittle integrations, slower response to algorithm change, and a higher chance that teams keep using unsafe defaults longer than intended.

Q: How do security teams decide between Layer 2 and Layer 3 encryption?

A: Use Layer 2 for high-speed, low-latency traffic inside data centres or between nearby sites, and Layer 3 for routed traffic that crosses networks and the internet. Many environments need both. The right choice follows the traffic path, latency budget, and segmentation requirement, not a one-size-fits-all standard.


Technical breakdown

Hybrid cryptography as a migration bridge

Hybrid cryptography combines a classical algorithm with a post-quantum algorithm in the same exchange, so both contribute to the session key. The design gives organisations a way to begin PQC adoption before every endpoint, appliance, and application is fully ready. If one algorithm class weakens later, the other layer still adds protection. In practice, this is less about replacing encryption wholesale and more about making the cryptographic stack adaptable without forcing a disruptive infrastructure reset.

Practical implication: choose hybrid-capable designs where crypto-agility can be managed through software updates rather than hardware replacement.
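The paragraph above describes the defining property of a hybrid exchange: both the classical and the post-quantum shared secrets feed the session key, so breaking one component does not yield the key. The Python below is an added illustration of that combiner step, not code from the original article or from SSH Communications Security. It does not implement the classical or post-quantum exchanges themselves; the two shared secrets, the transcript and the suite labels are constructed placeholders, and the combiner layout (length-prefixed secrets into HKDF, suite label and transcript hash bound into the info field) is an assumed design, chosen to show how the suite label gives the stack a crypto-agile switch.

```python
import hashlib
import hmac
import struct

# Suite labels are informational: they name the negotiated combination so the
# derived key is bound to it. Constructed for this example.
HYBRID_SUITE = b"hybrid-classical-ecdh-plus-pq-kem"
CLASSICAL_ONLY_SUITE = b"classical-ecdh-only"


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869) instantiated with HMAC-SHA256."""
    return hmac.new(salt, ikm, hashlib.sha256).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """HKDF-Expand (RFC 5869) instantiated with HMAC-SHA256."""
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def _lv(data: bytes) -> bytes:
    """Length-prefix a field so concatenated inputs cannot be re-split ambiguously."""
    return struct.pack(">H", len(data)) + data


def combine_shared_secrets(ss_classical: bytes, ss_pq: bytes,
                           transcript: bytes, suite: bytes, length: int = 32) -> bytes:
    """Derive one session key from both component shared secrets.

    Both secrets are part of the HKDF input keying material, and the suite
    label plus a hash of the public transcript are bound into the info field,
    so a different suite or a tampered transcript yields a different key.
    """
    ikm = _lv(ss_classical) + _lv(ss_pq)
    prk = hkdf_extract(b"hybrid-combiner-v1", ikm)          # assumed fixed salt
    info = _lv(suite) + hashlib.sha256(transcript).digest()
    return hkdf_expand(prk, info, length)


# Constructed stand-ins for what the two component exchanges would output.
SS_CLASSICAL = bytes.fromhex("11" * 32)
SS_PQ = bytes.fromhex("22" * 32)
TRANSCRIPT = b"client_pub||server_pub||kem_ciphertext (constructed)"


def session_key() -> bytes:
    return combine_shared_secrets(SS_CLASSICAL, SS_PQ, TRANSCRIPT, HYBRID_SUITE)


def classical_break_alone_is_insufficient() -> bool:
    """Model the 'one algorithm class weakens later' case.

    Even if the classical secret were fully recovered, a party that does not
    hold the post-quantum secret (here: guesses all zeros) derives a different
    key, so the remaining component still protects the session.
    """
    guessed = combine_shared_secrets(SS_CLASSICAL, b"\x00" * 32, TRANSCRIPT, HYBRID_SUITE)
    return guessed != session_key()


def suite_label_is_bound() -> bool:
    """Negotiating a different suite with the same secrets must not yield the same key."""
    classical_only = combine_shared_secrets(SS_CLASSICAL, SS_PQ, TRANSCRIPT, CLASSICAL_ONLY_SUITE)
    return classical_only != session_key()


if __name__ == "__main__":
    print("session key:", session_key().hex())
    print("classical break alone insufficient:", classical_break_alone_is_insufficient())
    print("suite label bound into key:", suite_label_is_bound())
```

Binding the suite label into the derivation is what makes the design crypto-agile in software: a new component algorithm is introduced by adding a suite, and keys derived under different suites never collide, which is the property to check when reviewing any hybrid-capable product's key schedule.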

Multi-layer network encryption and defense in depth

The article describes simultaneous Layer 2 and Layer 3 encryption, which protects traffic inside data centres and across routed networks respectively. Layer 2 is useful for low-latency east-west traffic, while Layer 3 supports broader routed communications, including internet-facing paths. Used together, they create layered protection so that a misconfiguration or compromise in one place does not expose the entire network path. This is network segmentation by cryptographic means, not just by routing policy.

Practical implication: map where east-west and routed traffic need different encryption layers, then align controls to the actual traffic path.

Performance constraints of post-quantum cryptography

PQC algorithms often require larger keys and more processing than classical cryptography, so adoption is not only a security decision. High-throughput environments need platforms that can sustain 100-gigabit interfaces, low latency, and high port density while encrypting at scale. That matters because segmentation and confidentiality fail in practice if performance pressure leads teams to narrow coverage or bypass protection on critical links. The architecture must preserve both security intent and operational throughput.

Practical implication: validate PQC designs under production throughput and latency conditions before expanding them beyond pilot links.




NHI Mgmt Group analysis

Quantum-safe encryption is becoming an identity problem, not just a cryptography problem. Network encryption protects the channels that carry authentication, delegation, and machine-to-machine trust, so PQC migration changes the reliability of the identity fabric beneath them. When transport security becomes crypto-agile, identity teams have to treat encryption as part of access assurance rather than a separate infrastructure layer. The implication is that IAM, PAM, and NHI programmes now depend on cryptographic transition planning.

Crypto-agility is the named control gap this transition exposes. Static cryptographic assumptions were designed for long-lived algorithms and hardware lifecycles. That assumption fails when organisations must support classical and post-quantum methods side by side while standards and deployment maturity continue to move. The implication is not merely to add new ciphers, but to recognise that fixed cryptographic dependence is now a governance liability.

Layered encryption changes the blast radius of network compromise. If Layer 2 and Layer 3 protections operate together, attackers need more than a single transport weakness to observe or alter traffic at scale. That matters for NHI traffic as well as human access paths, because identity assurance often depends on the confidentiality of the session itself. Practitioners should treat encryption layering as part of segmentation design, not a bolt-on feature.

Post-quantum migration validates zero trust, but it also makes trust boundaries more explicit. Zero Trust Architecture assumes continuous verification, while PQC forces teams to ask what still remains trusted when the encryption layer itself is in transition. Existing access models remain useful, but they have to be paired with a clearer view of where session protection, key exchange, and network path control can fail together. Practitioners should align quantum-safe plans with ZTA rather than treating them as separate programmes.

From our research:

  • 79% of organisations have experienced secrets leaks, with 77% of these incidents resulting in tangible damage, according to Ultimate Guide to NHIs.
  • 91.6% of secrets remain valid five days after the targeted organisation is notified, showing a critical gap in remediation procedures.
  • Ultimate Guide to NHIs, Why NHI Security Matters Now, frames why long-lived credential and transport assumptions are now a board-level concern.

What this signals

Crypto-agility is becoming a programme-level requirement, not a cryptography specialist topic. Teams that treat PQC as a future standardisation exercise will miss the operational work of mapping traffic paths, defining transition zones, and proving performance at production scale. The practical question is how quickly an organisation can replace static crypto assumptions with changeable ones without breaking service continuity.

For identity programmes, the immediate signal is that transport protection and access control are converging. As quantum-safe encryption becomes part of the trust envelope, teams should review where machine identities, privileged sessions, and east-west traffic depend on cryptographic stability that no longer exists. That makes segmentation, session protection, and key lifecycle planning part of the same governance conversation.


For practitioners

  • Inventory long-confidentiality traffic paths: Identify the data flows that must remain confidential for years, including intellectual property, regulated records, and privileged machine communications, then rank them for PQC migration first.
  • Prioritise hybrid cryptography for transition zones: Use hybrid exchanges where classical and post-quantum algorithms can operate together, especially on links that must stay compatible with current infrastructure while standards stabilise.
  • Test encryption throughput before broad rollout: Measure latency, port density, and encrypted throughput under realistic east-west and routed traffic loads so performance limits do not force exceptions later.
  • Align PQC planning with zero-trust segmentation: Place crypto-agility into your segmentation roadmap so transport changes reinforce least privilege and reduce lateral movement opportunities across compromised network segments.
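The first practitioner step above, inventorying long-confidentiality paths and ranking them for migration, is the one that benefits from a repeatable scoring rule. The Python below is an added example, not tooling from the original article or from SSH Communications Security. It assumes a simple exposure model: data captured today stays sensitive for its shelf life, the link stays classical-only until its migration finishes, and the part of that window that extends past the assumed arrival of a cryptographically relevant quantum computer is the exposed period. The inventory, the years-until-threat parameter and the tie-break on privileged traffic are all constructed assumptions.

```python
from dataclasses import dataclass
from typing import List

# Planning assumption: the page cites timelines pushed toward 2030; with a
# 2026 publication date that is roughly four years, used here as a parameter.
YEARS_UNTIL_CRQC = 4.0


@dataclass(frozen=True)
class Flow:
    name: str
    shelf_life_years: float   # how long data crossing this link must stay confidential
    migration_years: float    # estimated time to get hybrid/PQC in place on this link
    hybrid_in_place: bool     # already carrying a hybrid exchange
    privileged: bool          # carries administrative or machine-trust traffic


def exposure_years(flow: Flow, years_until_crqc: float = YEARS_UNTIL_CRQC) -> float:
    """Years during which data recorded now would be decryptable after a CRQC.

    If the link is already hybrid there is no classical-only window. Otherwise
    the data needs protection for shelf_life years starting from the migration
    date; whatever part of that extends beyond years_until_crqc is exposed.
    """
    if flow.hybrid_in_place:
        return 0.0
    return max(0.0, flow.shelf_life_years + flow.migration_years - years_until_crqc)


def rank_flows(flows: List[Flow], years_until_crqc: float = YEARS_UNTIL_CRQC) -> List[Flow]:
    """Order the inventory for migration: largest exposure first, then
    privileged paths ahead of others, then name for a stable ordering."""
    return sorted(
        flows,
        key=lambda f: (-exposure_years(f, years_until_crqc), not f.privileged, f.name),
    )


# Constructed inventory for illustration.
INVENTORY = [
    Flow("telemetry-east-west", shelf_life_years=0.5, migration_years=1.0,
         hybrid_in_place=False, privileged=False),
    Flow("regulated-records-replication", shelf_life_years=10.0, migration_years=2.0,
         hybrid_in_place=False, privileged=False),
    Flow("admin-bastion-sessions", shelf_life_years=5.0, migration_years=1.0,
         hybrid_in_place=False, privileged=True),
    Flow("payments-link-already-hybrid", shelf_life_years=7.0, migration_years=0.0,
         hybrid_in_place=True, privileged=False),
]


def migration_order(flows: List[Flow] = INVENTORY) -> List[str]:
    return [f.name for f in rank_flows(flows)]


if __name__ == "__main__":
    for f in rank_flows(INVENTORY):
        print(f"{f.name:34s} exposure={exposure_years(f):4.1f}y privileged={f.privileged}")
```

The useful output is the order, not the raw numbers: a short-lived telemetry path that migrates within the threat horizon ranks alongside a link that is already hybrid, while a regulated replication path with a ten-year shelf life goes first even though it is not privileged. Adjusting YEARS_UNTIL_CRQC shows how sensitive the plan is to the timeline assumption.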

Key takeaways

  • Quantum-safe encryption is now an architectural transition issue because long-lived data and privileged traffic must stay protected beyond the lifespan of classical algorithms.
  • The practical scale problem is not just new algorithms, but maintaining compatibility, throughput, and segmentation while legacy and post-quantum methods coexist.
  • Teams that link PQC migration to crypto-agility and zero-trust segmentation will reduce future exposure without waiting for a disruptive network replacement cycle.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

The OWASP Non-Human Identity Top 10 addresses the attack and risk surface, while NIST Zero Trust (SP 800-207) and NIST CSF 2.0 set the governance and control requirements practitioners need to meet.

Framework | Control / Reference | Relevance
NIST Zero Trust (SP 800-207) | | PQC migration affects encrypted trust boundaries and segmentation.
NIST CSF 2.0 | PR.DS-1 | Data-in-transit protection is central to PQC and layered encryption.
OWASP Non-Human Identity Top 10 | NHI-03 | Long-lived credentials and machine trust depend on protected channels.

Review NHI transport dependencies and reduce exposure where encrypted sessions carry privileged access.


Key terms

  • Post-Quantum Cryptography: Post-quantum cryptography is a set of cryptographic algorithms designed to resist attacks from cryptographically relevant quantum computers. It keeps encrypted data usable and protected when classical public-key methods become too weak for long-term confidentiality requirements.
  • Crypto-Agility: Crypto-agility is the ability to replace or update cryptographic algorithms without redesigning the underlying system. In practice, it means software, devices, and policies can move between algorithm choices as standards change, rather than being locked into fixed assumptions that age badly.
  • Hybrid Cryptography: Hybrid cryptography uses a classical algorithm and a post-quantum algorithm together in one exchange. The goal is to preserve compatibility and confidence during migration while reducing dependence on any single cryptographic method that may later prove insufficient.
  • Layer 2 Encryption: Layer 2 encryption protects Ethernet traffic on local links, such as inside a data centre or between nearby sites. It is useful for high-speed east-west traffic where low latency matters and where protection needs to sit close to the network fabric.

Deepen your knowledge

Post-quantum cryptography, crypto-agility, and layered network encryption are core topics in our NHI Foundation Level course, the industry's only accredited NHI security programme. If you are building a transition plan for sensitive data and machine-to-machine traffic, it is worth exploring.

This post draws on content published by SSH Communications Security: quantum-safe encryption and post-quantum cryptography migration. Read the original.

NHIMG Editorial Note
Published by the NHIMG editorial team on 2026-03-17.
NHI Mgmt Group — the independent authority on Non-Human Identity, IAM, and Agentic AI security. nhimg.org